diff options
author | Matt Caswell <matt@openssl.org> | 2018-04-23 11:23:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-04-24 09:23:23 +0100 |
commit | 4753ad858c299a34815988907989c98d5285e57e (patch) | |
tree | 861f661c68097aa6e8f5d69de669e6df3453d55c | |
parent | 22eb2d1c80ff511985c0b32a6f4699c3a062311b (diff) | |
download | openssl-4753ad858c299a34815988907989c98d5285e57e.zip openssl-4753ad858c299a34815988907989c98d5285e57e.tar.gz openssl-4753ad858c299a34815988907989c98d5285e57e.tar.bz2 |
Document when a session gets removed from cache
Document the fact that if a session is not closed down cleanly then the
session gets removed from the cache and marked as non-resumable.
Fixes #4720
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6053)
-rw-r--r-- | doc/man3/SSL_get_session.pod | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/man3/SSL_get_session.pod b/doc/man3/SSL_get_session.pod index b2e92af..7ed6353 100644 --- a/doc/man3/SSL_get_session.pod +++ b/doc/man3/SSL_get_session.pod @@ -48,6 +48,11 @@ SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also enables applications to obtain information about all sessions sent by the server. +A session will be automatically removed from the session cache and marked as +non-resumable if the connection is not closed down cleanly, e.g. if a fatal +error occurs on the connection or L<SSL_shutdown(3)> is not called prior to +L<SSL_free(3)>. + In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. |